You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
For private repos, due to this undocumented behavior of GitHub actions, it seems an additional contents: read permission is required for the action:
permissions:
id-token: write # IMPORTANT: this permission is mandatory for trusted publishing.contents: read
Otherwise, the action fails while trying to fetch the repo:
remote: Repository not found.Error: fatal: repository 'https://github.com/my-org/my-repo' not foundThe process '/usr/bin/git' failed with exit code 128
NOTE: I tested this with a repo using Trusted Publishing.
The text was updated successfully, but these errors were encountered:
trymzet
changed the title
Document permimssion requirements for private repositories
Document permission requirements for private repositories
May 6, 2024
I can confirm that I've seen the same behavior. I think this may depend on the parent GH user/org/enterprise's default GHA token permissions, but either way it's likely to be a common snare when people publish from a private repo.
For private repos, due to this undocumented behavior of GitHub actions, it seems an additional
contents: read
permission is required for the action:Otherwise, the action fails while trying to fetch the repo:
NOTE: I tested this with a repo using Trusted Publishing.
The text was updated successfully, but these errors were encountered: